kiwi-user
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): The file 'references/kiwi-user-api.md' consists entirely of API documentation. It does not include any scripts, executable commands, or instructions designed to manipulate agent behavior.\n- [Indirect Prompt Injection] (SAFE): The documentation defines endpoints (e.g., /v1/user/info) that return user-provided data such as names and avatars, which constitutes an indirect prompt injection surface if processed by an agent without sanitization. However, the documentation itself is benign.\n
- Ingestion points: User profile fields in /v1/user/info and token verification responses.\n
- Boundary markers: Not present in the reference documentation.\n
- Capability inventory: Not applicable as no code is provided.\n
- Sanitization: No sanitization or escaping logic is described in this reference.\n- [Metadata Poisoning] (SAFE): No malicious instructions were found in the API metadata or descriptions. The automated alert for 'response.Data.UserInfo.ID' is confirmed as a false positive, incorrectly identifying a data path as a blacklisted URL.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata